GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,189
Erlang: 31
GitHub Actions: 19
Go: 1,985
Maven: 5,000+
npm: 3,701
NuGet: 657
pip: 3,326
Pub: 11
RubyGems: 882
Rust: 836
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9,897 advisories
Mattermost versions 9.10.x <= 9.10.2, 9.11.x <= 9.11.1, 9.5.x <= 9.5.9 and 10.0.x <= 10.0.0 fail...
Low | Unreviewed | CVE-2024-42000 was published Nov 9, 2024
Mattermost versions 9.11.x <= 9.11.2, and 9.5.x <= 9.5.10 fail to protect the mfa code against...
Low | Unreviewed | CVE-2024-36250 was published Nov 9, 2024
Northern.tech Hosted Mender before 2024.07.11 allows SSRF.
Low | Unreviewed | CVE-2024-47190 was published Nov 8, 2024
nGrinder before 3.5.9 allows to set delay without limitation, which could be the cause of Denial...
Low | Unreviewed | CVE-2024-28214 was published Mar 7, 2024
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: FIX...
Low | Unreviewed | CVE-2024-50044 was published Oct 21, 2024
Dell PowerProtect DD, versions prior to 7.7.5.50, contains an Exposure of Sensitive Information...
Low | Unreviewed | CVE-2024-48011 was published Nov 8, 2024
In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent...
Low | Unreviewed | CVE-2023-52746 was published May 21, 2024
In the Linux kernel, the following vulnerability has been resolved: net/usb: kalmia: Don't pass...
Low | Unreviewed | CVE-2023-52703 was published May 21, 2024
An administrative user of WebReports may perform a Cross Site Scripting (XSS) and/or Man in the...
Low | Unreviewed | CVE-2023-45706 was published Mar 28, 2024
HCL BigFix Compliance is affected by a missing secure flag on a cookie. If a secure flag is not...
Low | Unreviewed | CVE-2024-30142 was published Nov 7, 2024
Improper input validation in PAM JIT elevation feature in Devolutions Server 2024.1.6 and earlier...
Low | Unreviewed | CVE-2024-2918 was published Apr 9, 2024
There is an out-of-bounds read vulnerability in some Hikvision NVRs. An authenticated attacker...
Low | Unreviewed | CVE-2024-29948 was published Apr 2, 2024
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables:...
Low | Unreviewed | CVE-2023-52620 was published Mar 21, 2024
An issue was discovered in Infinera hiT 7300 5.60.50. Hidden functionality in the web interface...
Low | Unreviewed | CVE-2024-28808 was published Sep 30, 2024
In ShortcutInfo of ShortcutInfo.java, there is a possible way for an app to retain notification...
Low | Unreviewed | CVE-2023-21246 was published Jul 13, 2023
A privacy issue was addressed with improved private data redaction for log entries. This issue is...
Low | Unreviewed | CVE-2023-40439 was published Jan 11, 2024
A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to upload...
Low | Unreviewed | CVE-2024-20528 was published Nov 6, 2024
A vulnerability was found in mariazevedo88 travels-java-api up to 5.0.1 and classified as...
Low | Unreviewed | CVE-2024-10920 was published Nov 6, 2024
Generation of weak and predictable Initialization Vector (IV) in PMFW (Power Management Firmware)...
Low | Unreviewed | CVE-2023-31305 was published Aug 13, 2024
A vulnerability, which was classified as problematic, has been found in Cosmote Greece What's Up...
Low | Unreviewed | CVE-2024-10748 was published Nov 4, 2024
Improper authorization in Settings prior to SMR Nov-2024 Release 1 allows physical attackers to...
Low | Unreviewed | CVE-2024-34682 was published Nov 6, 2024
Improper access control in Dex Mode prior to SMR Nov-2024 Release 1 allows physical attackers to...
Low | Unreviewed | CVE-2024-34675 was published Nov 6, 2024
Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2...
Low | Unreviewed | CVE-2024-36452 was published Jul 10, 2024
Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS...
Low | Unreviewed | CVE-2021-46772 was published Aug 13, 2024
Nokia SR OS bof.cfg file encryption is vulnerable to a brute force attack. This weakness allows...
Low | Unreviewed | CVE-2023-6728 was published Oct 17, 2024
ProTip! Advisories are also available from the GraphQL API.